'Spring Boot Exception evaluating SpringEL expression

ERROR 4904 --- [nio-8080-exec-1] org.thymeleaf.TemplateEngine
: [THYMELEAF][http-nio-8080-exec-1] Exception processing template "index": An error happened during template parsing (template: "class path resource [templates/index.html]")

org.thymeleaf.exceptions.TemplateInputException: An error happened during template parsing (template: "class path resource [templates/index.html]") at org.thymeleaf.templateparser.markup.AbstractMarkupTemplateParser.parse(AbstractMarkupTemplateParser.java:241) ~[thymeleaf-3.0.11.RELEASE.jar:3.0.11.RELEASE] at org.thymeleaf.templateparser.markup.AbstractMarkupTemplateParser.parseStandalone(AbstractMarkupTemplateParser.java:100) ~[thymeleaf-3.0.11.RELEASE.jar:3.0.11.RELEASE] at org.thymeleaf.engine.TemplateManager.parseAndProcess(TemplateManager.java:666) ~[thymeleaf-3.0.11.RELEASE.jar:3.0.11.RELEASE] at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1098) [thymeleaf-3.0.11.RELEASE.jar:3.0.11.RELEASE] at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1072) [thymeleaf-3.0.11.RELEASE.jar:3.0.11.RELEASE] at org.thymeleaf.spring5.view.ThymeleafView.renderFragment(ThymeleafView.java:362) [thymeleaf-spring5-3.0.11.RELEASE.jar:3.0.11.RELEASE] at org.thymeleaf.spring5.view.ThymeleafView.render(ThymeleafView.java:189) [thymeleaf-spring5-3.0.11.RELEASE.jar:3.0.11.RELEASE] at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1370) [spring-webmvc-5.1.3.RELEASE.jar:5.1.3.RELEASE] at org.springframework.web.servlet.DispatcherServlet.processDispatchResult(DispatcherServlet.java:1116) [spring-webmvc-5.1.3.RELEASE.jar:5.1.3.RELEASE] at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1055) [spring-webmvc-5.1.3.RELEASE.jar:5.1.3.RELEASE] at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942) [spring-webmvc-5.1.3.RELEASE.jar:5.1.3.RELEASE] at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005) [spring-webmvc-5.1.3.RELEASE.jar:5.1.3.RELEASE] at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:897) [spring-webmvc-5.1.3.RELEASE.jar:5.1.3.RELEASE]

Caused by: org.attoparser.ParseException: Exception evaluating SpringEL expression: "#authorization.expression('isAuthenticated()') and #authorization.expression('hasAuthority(''USER'')')" (template: "fragments/navbar" - line 8, col 15)

Pom.xml

<dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-thymeleaf</artifactId>
    </dependency>
    <dependency>
        <groupId>org.thymeleaf.extras</groupId>
        <artifactId>thymeleaf-extras-springsecurity4</artifactId>
        <version>3.0.1.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>

    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-test</artifactId>
        <scope>test</scope>
    </dependency>

Problem comes from here when I try to check the authority 

<html lang="en" xmlns="w3.org/1999/xhtml" xmlns:th="thymeleaf.org"> 
<th:block th:fragment="navbar">
    <th:block if:sec:authorize="isAnonymous()">
        <th:block th:replace="fragments/navbar-guest"></th:block>
    </th:block>
    <th:block th:if="${#authorization.expression('isAuthenticated()') and #authorization.expression('hasAuthority(''USER'')')}">
        <th:block th:replace="fragments/navbar-user"></th:block>
    </th:block>
    <th:block th:if="${#authorization.expression('isAuthenticated()') and #authorization.expression('hasAuthority(''ADMIN'')')}">
        <th:block th:replace="fragments/navbar-admin"></th:block>
    </th:block>
    <th:block th:if="${#authorization.expression('isAuthenticated()') and #authorization.expression('hasAuthority(''MODERATOR'')')}">
        <th:block th:replace="fragments/navbar-user"></th:block>
    </th:block>
</th:block>
javaspringspring-bootthymeleaf


Solution 1:[1]

Ensure that you thymeleaf-extras-springsecurity4 in pom.xml

<dependency>
  <groupId>org.thymeleaf.extras</groupId>
  <artifactId>thymeleaf-extras-springsecurity4</artifactId>
</dependency>

and xmlns:sec in the html template in thymeleaf page.

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org"
  xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity4">

Solution 2:[2]

If you pass authorization in model like as below-

set parameters on the controller

request.setAttribute("authorization", authorizationObject);

use the same on the fron-end as below

<th:block th:if="${authorization.isAuthenticated() && authorization.hasAuthority('USER')}">
        <th:block th:replace="fragments/navbar-user"></th:block>
</th:block>

Hope it will be helpful, Thanks

Solution 3:[3]

I added interceptor which on every request sends the Role

modelAndView.addObject("authorization", SecurityContextHolder.getContext().getAuthentication().getAuthorities().stream().findFirst().get().toString());

and in the HTML I check with <th:block th:if="${authorization=='USER'}"> <th:block th:replace="fragments/navbar-user"></th:block> </th:block>

For now everything works !

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1
Solution 2 sanjeevjha
Solution 3 Simeon

Related Questions